//package com.core.family.admin.config;
//
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
//import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
//import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
//import org.springframework.security.oauth2.provider.token.TokenStore;
//import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
//
//import javax.sql.DataSource;
//
///**
// * @program: kuntail
// * @description: 资源管理配置
// * @author: honglei
// * @create: 2022-06-16 09:49
// */
//@Configuration
//@EnableResourceServer
//public class OauthResourceConfig extends ResourceServerConfigurerAdapter {
//    @Autowired
//    private DataSource dataSource;
//    @Autowired
//    private TokenStore tokenStore;
//
//    /**
//     * 指定token的持久化策略
//     * 其下有   RedisTokenStore保存到redis中，
//     * JdbcTokenStore保存到数据库中，
//     * InMemoryTokenStore保存到内存中等实现类，
//     * 这里我们选择保存在数据库中
//     *
//     * @return
//     */
//    @Bean
//    public TokenStore jdbcTokenStore() {
//        return new JdbcTokenStore(dataSource);
//    }
//
//    @Override
//    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
//        resources.resourceId("client")//指定当前资源的id，非常重要！必须写！
//                .tokenStore(tokenStore);//指定保存token的方式
//    }
//
//    @Override
//    public void configure(HttpSecurity http) throws Exception {
//        http.authorizeRequests()
//                .antMatchers("/test/**", "/templateMsg/**")
//                .permitAll()
//                .anyRequest().authenticated()
//                .and()
//                .headers().addHeaderWriter((request, response) ->
//                    {
//                        response.addHeader("Access-Control-Allow-Origin", "*");//允许跨域
//                        if (request.getMethod().equals("OPTIONS")) {//如果是跨域的预检请求，则原封不动向下传达请求头信息
//                            response.setHeader("Access-Control-Allow-Methods", request.getHeader("Access-Control-Request-Method"));
//                            response.setHeader("Access-Control-Allow-Headers", request.getHeader("Access-Control-Request-Headers"));
//                        }
//                    });
//    }
//}
